1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
|
; The global setting for a default install
; Copyright(C) John H Terpstra - 1997
;======================= Global Settings =====================================
[global]
; workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4
workgroup = WORKGROUP
; comment is the equivalent of the NT Description field
comment = Samba Server
; printing = BSD or SYSV or AIX, etc.
printing = bsd
printcap name = /etc/printcap
load printers = yes
; Uncomment this if you want a guest account, you must add this to /etc/passwd
; guest account = pcguest
log file = /usr/local/samba/var/log.%m
; Put a capping on the size of the log files (in Kb)
max log size = 50
; Options for handling file name case sensitivity and / or preservation
; Case Sensitivity breaks many WfW and Win95 apps
; case sensitive = yes
short preserve case = yes
preserve case = yes
; Security and file integrity related options
lock directory = /usr/local/samba/var/locks
locking = yes
; Strict locking is available for paranoid locking situations only
; enabling this severely degrades read / write performance.
; strict locking = yes
; fake oplocks = yes
share modes = yes
; Security modes: USER uses Unix username/passwd, SHARE uses WfW type passwords
; SERVER uses an other SMB server (eg: Windows NT Server or Samba)
; to provide authentication services
security = user
; Use password server option only with security = server
; password server = <NT-Server-Name>
; Configuration Options ***** The location of this entry in your smb.conf
; heirachy determines which parameters are overwritten - please watch out!
; Where %m is any SMBName (machine name, or computer name) for which a custom
; configuration is desired
; include = /usr/local/samba/lib/smb.conf.%m
; Performance Related Options
; Before setting socket options read the smb.conf man page!!
socket options = TCP_NODELAY
; Socket Address is used to specify which socket Samba
; will listen on (good for aliased systems)
; socket address = aaa.bbb.ccc.ddd
; Use keep alive only if really needed!!!!
; keep alive = 60
; Configure Samba to use multiple interfaces
; Samba will auto-detect network interfaces - only use this if
; the auto-detection does not deliver the needed results
; interfaces = 192.168.12.2/24 176.16.111.22/19 10.11.13.14/255.255.252.0
; Browser Control Options:
; Local Master set to True causes Samba to participate in browser elections
; the default setting is true, this causes Samba to behave like a
; Windows NT server. Setting this to false turns off all browser
; election participation.
; local master = yes
; OS Level gives Samba the power to win browser elections. Windows NT = 32
; Any value < 32 means NT wins as Master Browser, > 32 Samba gets it
; default = 0, this ensures that Samba will NOT win the browser election.
; os level = 33
; Domain Master specifies Samba to be the Domain Master Browser
; Only ever set this if there is NO Windows NT Domain Controller on the
; network
; domain master = yes
; Preferred Master causes Samba to force a local browser election on startup
; preferred master = yes
; Use with care only if you have an NT server on your network that has been
; configured at install time to be a primary domain controller.
; domain controller = <NT-Domain-Controller-SMBName>
; Domain Logon Service Options:
; Domain logon control can be a good thing! See [netlogon] share section below!
; Do NOT set this to yes if there is an Windows NT domain controller
; on the network
; domain logons = yes
; run a specific logon batch file per workstation (machine)
; logon script = %m.bat
; run a specific logon batch file per username
; logon script = %u.bat
; Where to store roving profiles (only for Win95 and WinNT)
; %L substitutes for the SMB name we are called, %U is username
; You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U
; Windows Internet Name Serving Support Section:
; WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
; the default is NO. If you have an Windows NT Server WINS use it!
; Samba defaults to wins support = no
; wins support = yes
; WINS Server - Tells the NMBD components of Samba to be a WINS Client
; Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
; WINS Proxy - Tells Samba to answer name resolution queries on behalf of a non
; WINS Client capable client, for this to work there must be at least one
; WINS Server on the network. The default is NO.
; wins proxy = yes
;============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
; Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
; comment = Samba Network Logon Service
; path = /usr/local/samba/lib/netlogon
; Case sensitivity breaks logon script processing!!!
; case sensitive = no
; guest ok = yes
; locking = no
; writable = no
; For browseable say NO if you want to hide the NETLOGON share
; browseable = yes
; Un-comment the following to provide a specific roving profile share
; the default is to use the user's home directory
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; printable = no
; guest ok = yes
; NOTE: There is NO need to specifically define each individual printer
[printers]
comment = All Printers
path = /usr/spool/samba
browseable = no
printable = yes
; Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
create mask = 0700
;[tmp]
; comment = Temporary file space
; path = /tmp
; read only = no
; public = yes
; A publicly accessible directory, but read only, except for people in
; the staff group
[public]
comment = Public Stuff
path = /home/samba
public = yes
writable = yes
printable = no
write list = @users
; Other examples.
;
; A private printer, usable only by fred. Spool data will be placed in fred's
; home directory. Note that fred must have write access to the spool directory,
; wherever it is.
;[fredsprn]
; comment = Fred's Printer
; valid users = fred
; path = /homes/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes
;
; A private directory, usable only by fred. Note that fred requires write
; access to the directory.
;[fredsdir]
; comment = Fred's Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no
;
; a service which has a different directory for each machine that connects
; this allows you to tailor configurations to incoming machines. You could
; also use the %u option to tailor it by user name.
; The %m gets replaced with the machine name that is connecting.
;[pchome]
; comment = PC Directories
; path = /usr/pc/%m
; public = no
; writable = yes
;
;
; A publicly accessible directory, read/write to all users. Note that all files
; created in the directory by users will be owned by the default user, so
; any user with access can delete any other user's files. Obviously this
; directory must be writable by the default user. Another user could of course
; be specified, in which case all files would be owned by that user instead.
;[public]
; path = /usr/somewhere/else/public
; public = yes
; only guest = yes
; writable = yes
; printable = no
;
;
; The following two entries demonstrate how to share a directory so that two
; users can place files there that will be owned by the specific users. In this
; setup, the directory should be writable by both users and should have the
; sticky bit set on it to prevent abuse. Obviously this could be extended to
; as many users as required.
;[myshare]
; comment = Mary's and Fred's stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765
|